Earlier versions of Occupational Health and Safety standards have
advocated risk management and risk avoidance, but it has been implicit.
The new ISO 45001:2018 standard explicitly expects organizations to
identify workplace hazards and address risks associated with their
operations, processes, and activities, aimed at and resulting in improved
OH&S performance.
Besides identifying the risks, the new ISO standard expects user
organizations to address opportunities for improvements and corrective
actions based on the risk analysis.
Note that while corrective action is a requirement of ISO 45001 :2018,
the concept of preventive action is expressed through a risk-based
approach where risks are determined and actions to address risks and
opportunities are taken.
The standard does not require you to create a formal risk management
system. However, this risk analysis exercise is intended to outline
several approaches / options for the management of risk at your
company.
To prepare for the change, it is important to understand Risk Based
Thinking and begin to look at your operations, processes, and activities
in terms of hazards and risks.
Risk is the possibility of an event or activity negatively impacting the
operational or strategic objectives of an organization.